General

  • Target

    ef4788a45df8809851b18e5bfac1bad8fa8ea4850ac68fca2cca03b9b830a755

  • Size

    436KB

  • Sample

    240402-espvxagb8v

  • MD5

    9b2a7e7f1001a3eaf7e83593d21a98ab

  • SHA1

    e280ff25a527a9d11a30f7223a78e08544d09c85

  • SHA256

    ef4788a45df8809851b18e5bfac1bad8fa8ea4850ac68fca2cca03b9b830a755

  • SHA512

    5edaa8940c152b24dbee854d86dcae1b02dbbcf182642e7d87a97372c38c7c5c8e450078b490dc4564b197e0df14ad9a7dcec0d193a9ad9646fbb3c0a472f4df

  • SSDEEP

    12288:Oc5wlzDj6o+EiB0LryUXQwwfsmo6Qjgdz7XlDOT:f5wl/wfsmoHjgdz78

Score
10/10

Targets

    • Rhadamanthys

      Rhadamanthys is an information stealer written in C++, first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext
